module.exports = options => {
    const jwt = require('jsonwebtoken');
    const model = require('../models/AdminUser');
    const assert = require('http-assert') //用于抛出错误
    return async(req, res, next) => {
        const token = String(req.headers.authorization || "").split(' ').pop()
        assert(token, 401, '没有jwt token')
        const { id } = jwt.verify(token, req.app.get('secret'))
        assert(id, 401, '无效的jwt token')
        req.user = await model.findById(id)
        assert(req.user, 401, '请先登录!')
        await next()
    }
}